Post on 06-Jan-2017
Towards Security Software Engineering the Smart Grid as a
System of Systems
Vanea Chiprianov, Laurent Gallon, Khouloud Salameh, Manuel Munier, Jamal El Hachem
University of Pau and Pays Adour, France
SoSE, San Antonio, Monday 18th May 2015
2
AG
END
A
Towards Security Software Engineering the Smart Grid as a System of Systems
18/05/2015
The Smart Grid as an SoS The Smart Grid The Smart Grid as an SoS
Security Challenges to the Smart Grid as an SoS Operational independence challenges Managerial independence challenges Evolutionary development challenges Emergent behavior challenges Geographic distribution challenges
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS Life-cycle Management Requirements Engineering Architecture Modeling Implementation Verification Release
3
The Smart Grid as an SoS
Smart Grid Renewable sources Two-way electric flow => more complex
information flows
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
[Liu, 2012]
4
The Smart Grid as an SoS
Smart Grid
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
5
The Smart Grid as an SoS
The Smart Grid as an SoS Characteristics differentiating SoS from monolithic systems [Maier, 1998], [Boardman,
2006], [Gorod, 2007], etcSmart Grid as an SoS [Pérez, 2013]:
Operational and managerial independence: the SG is constituted from systems such as solar, wind plants, swarms of electric vehicles, which operate on their own and have different owners and managers Evolutionary development : different energy generating systems can be dynamically aggregated/removed to/from the power grid Emergent behaviour: producers, providers and consumers coordinate in order to balance supply and demand. Geographic distribution: the energy generation, storage, and consumption should be realized as near as possible to the physical location of consumption/generation in order to achieve greater efficiency of the system
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
6
The Smart Grid as an SoS
Smart Grid
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
7
Security challenges to the Smart Grid as an SoS
Operational independence challenges
Identification, authentication and access control: Key processes for verifying the identity of a device/user Every node must have ay least basic cryptographic functions
Device security issues Each component may have specific vulnerabilities, e.g.:
Smart Meter: individual tariff => breaches → alternate bills Electric vehicles: charging at different locations → inaccurate billing
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
8
Security challenges to the Smart Grid as an SoS
Managerial independence challenges
Accountability: Recording and tracing Who is responsible for the security issue, and who should fix it Concerns both energy and information Can be used as evidence in future judgement Determine the cause or extent of damage – digital forensics
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
9
Security challenges to the Smart Grid as an SoS
Evolutionary development challenges
Backwards compatibility: Integration of (legacy/traditional) devices
Secure and efficient communication protocol: The Smart Gris is time-critical (legacy from traditional grid) → message delivery
both secure and efficient Impacts of security protections need balance/minimization, and their timing
made predictable
Co-design of control and security: Industrial control does not do much about security Recently, some attention has been dedicated
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
10
Security challenges to the Smart Grid as an SoS
Emergent behavior challenges
Hidden vulnerabilities due to interdependencies: Management (emergent) objectives (e.g. energy efficiency) require interactions
between different Constituent Systems of the Smart Grid Each Constituent System has specific vulnerabilities Interactions → chains of vulnerabilities Solution ? : continuous (real-time) monitoring / simulation
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
11
Security challenges to the Smart Grid as an SoS
Geographic distribution challenges
Attack detection (network/distributed system) Availability:
Denial of Service: Disrupt ressource access Violate timing requirements of critical message exchange
Integrity: False data injection attacks: against market – financial loses
Confidentiality: Eavesdroping attacks - consumer profile → know whether you are at home
or not Solution ? : Anonymisation, but overhead, etc
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
12
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Software Engineering the Smart Grid
Smart Grid = Cyber-physical system [Sridhar, 2012] Software Engineering → cyber/software aspects, the impact of physical security challenges on the cyber part ; LIMITED challenges specific to the physical part
Life-cycles: Requirements Architecture Implementation Verification Release/Evolution
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
13
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Life-cycle Management
Legacy system of the traditional power grid → 1st iteration Smart Grid → 2nd iteration => life-cycle of the Smart Grid SoS = iterative, spiral development process:
Reqt Eng of the new iteration (2nd – Smart Grid) Model an Arch Implement Verify Release
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
14
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
Smart GridDevelopment
Smart GridLife-cycle Mngt
Smart GridReqt Eng
Smart GridArch Modeling
Smart GridImplementation
Smart GridVerification
Smart GridRelease
15
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Requirements Engineering
Integrate characteristics of the legacy power grid High restrictions on transmission delay and failures Related to backwards compatibility and co-design challenges
+ Fulfill expectations of the new Smart Grid Security risk identification and mitigation
New risks from new capabilities Related to hidden vulnerabilities challenge Residual risks from each constituent device How to manage risks associated with end-to-end flow of information and
control ? Standards ?
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
16
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Architecture Modeling
Describe legacy power grid and the existing security solutions + The Smart Grid: heterogenous devices, network architecture → not uniformly security approaches, but fine-grained security solutions How to choose between them, how to use them together ? Solution ? Predictive modeling and simulation to compare architectural alternatives
Simulation techniques [Li, 2014]: network, power grid, co-simulation Describe attack models
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
17
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Implementation
Code generation from Model-driven languages How about information management ? Solution ? Big Data for information analysis, integration, optimization
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
18
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Verification
Managerial independence → different certification and quality processes for each constituent system Agree on common standards ? Simulation – useful for verifying architecture
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
19
Roadmap/Vision/Framework for Security Software Engineering the Smart Grid as an SoS
Release
Triggered every time at least one constituent system evolves Managerial and operational independence → difficult synchronization for deploying updates => Detecting undesired emergent behavior → monitoring
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015
20
Conclusion
How specific characteristics of the Smart Grid SoS raise challenges for security engineering
Proposed a roadmap/vision/framework based on Software Engineering principles : modeling, simulation and code generation
Towards Security Software Engineering the Smart Grid as a System of Systems 18/05/2015